Last active
June 26, 2019 07:50
-
-
Save LAripping/c7fa456f68c06d8f85d1d527d22a9012 to your computer and use it in GitHub Desktop.
A small Bash script to grep over APKs after uncompressing them
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #set -x | |
| if [[ $# -ne 2 ]]; then | |
| echo "Usage: $0 <grep_regex> <dir>" | |
| echo "Search for APKs in a directory, extract the dex from them and grep over them for a pattern" | |
| echo " <grep_regex> The regex that will be passed to 'grep -ial' upon APKs " | |
| echo " <dir> The directory to 'find' APKs in" | |
| exit 1 | |
| fi | |
| re=$1; dir=$2 | |
| for apk in `find $dir -name "*.apk" -type f`; do | |
| unzip -qq -o -d /tmp $apk "*.dex" 2>/dev/null | |
| if grep -qial "$re" /tmp/*.dex 2>/dev/null; then | |
| echo "$apk matched!" | |
| else | |
| unzip -qq -o -d /tmp $apk "*.so" 2>/dev/null | |
| if grep -rqial "$re" /tmp/lib/ 2>/dev/null; then | |
| echo "$apk matched!" | |
| fi | |
| rm -fr /tmp/lib/ | |
| fi | |
| rm -f /tmp/*.dex | |
| done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Run it on extracted, mounted system images or inside the whole /system/priv-app directory of a working device | |
| $ ./dex_grepper.sh semobileservicesessionimpl /media/S8priv_app/ | |
| /media/S8priv_app/system/priv-app/SamsungContacts/SamsungContacts.apk matched! | |
| /media/S8priv_app/system/priv-app/SecGallery2015/SecGallery2015.apk matched! | |
| /media/S8priv_app/system/priv-app/Messaging_SEP81/Messaging_SEP81.apk matched! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment